Security :: SSH Time Out On Login Attempt From Remote Box: Command Needed To Check Port 22?

Dec 1, 2010

I have set up a user to login remotely to our Red Hat 5 server via SSH. A rule in our department firewall enables this user to login from a single static ip address. The ssh port on our server is 22. I am able to login to port 22 from locations within our department firewall. Our administrator says the firewall configuration is unchanged. The remote user had been successful logging in. But now the remote user gets a Connection Timed Out message, before being asked to authenticate by the server.

I regenerated security keys, but the remote user still gets the connection timed out message. (I can login locally with the new keys). I suspect either a firewall or an authentication problem--inclining a firewall problem. Am I correct? Is there a Linux command to check whether port 22 is available or blocked, prior even to authentication, for login from the user's remote location?

View 3 Replies


ADVERTISEMENT

General :: Notify The Administrator For Every Remote Login Attempt?

Apr 19, 2010

am using RHEL 5 ,i would like the system to send me an email for every time some one attempts to login to the server remotely. i have created the emailing script in perl and it works. but i want it to be triggered if someone tries to access the server. how can this be possible

View 9 Replies View Related

Networking :: Ubuntu - No Remote Response From SSH Login Attempt

Dec 29, 2010

I'm setting up an Ubuntu 10.04 system; installed open-ssh. I'll call this box A. I also have an older box B with Debian. From A I can log into B via the usual way (ssh <user>@<IP>). The 1st attempt at this I was presented with the 'unknown host' warnings & elected to accept it. However, from B when I try logging into A there is no response at all -- no warnings, nothing. I have to ctrl-C back to the prompt. I can successfully ping A from B though. I CAN connect to A from a Windows box using PuTTY as an ssh client with all default settings. Once connected I can log in. Why no response from A when trying to log in from B?

View 1 Replies View Related

Security :: Iptables: Verify Traffic On Port To Check If It Is Legitimate For That Port?

Apr 18, 2011

Is there any way to verify if packets being trafficked over a certain port are valid for the service you want to use this port for?

One obvious example that probably clarifies my question:
When I open port 443 (outgoing or incoming) for https/ssl traffic, I don't want this port to be used for say openvpn traffic.
Thus: when someone wants to surf to a website with https, it should be ok but if someone wants to connect to his home openvpn server over that same port, it should be blocked.

View 5 Replies View Related

Security :: Block IP After Failed Login Attempt Using Iptables?

Aug 11, 2009

I keep getting hundreds of SSH failed logins per day. Is there a way with iptables, i can say if a user connects too to port 22 over 8 times in 10 minuntes, then block them for an hour?

View 7 Replies View Related

Ubuntu Security :: Automatic Logout - Auth Log Indicates Failed Login Attempt?

Mar 3, 2010

A few minutes ago I was using google chrome when suddenly the scroll-lock indicator on my keyboard turned on... I pressed the scroll-lock key, but nothing happened, the light remained. I opened a terminal and ran "top" to find what processes were running when I was automatically logged out. I logged back and checked the logs and found the following entries in my auth.log:

Code:
CRON[2971]: pam_unix(cron:session): session opened for user root by (uid=0)
CRON[2971]: pam_unix(cron:session): session closed for user root

[code]....

View 1 Replies View Related

Security :: Check The Listening Url In The Remote Machine?

Jul 8, 2010

I have stuk up in big issue here , I just want to find the remote url in which it listens ?

I know the remote host and remote port number but i just want to which url the web application listen

For example : Host : 1.1.1.1 & port no : 8080

But i remember the url would be http://1.1.1.1/(something):8080

I want to find the complete url in which it listens ?

In nmap whether i can achive this or anyother tool ?

View 5 Replies View Related

Ubuntu Security :: SSH Remote Port Forwarding

May 13, 2010

I'm trying to SSH into my home computer from a remote location outside of my house's LAN and can't figure out remote port fowarding.

The guide here says to use the following:

Code:

I've tried connecting to my home computer through many combinations of the syntax listed above, read the man file, and looked online for help. But can't find out the proper syntax or a good guide that isn't written for Windows users using Putty.

Let's assume for the sake of simplicity that the public IP address of my home SSH server is 123.123.123.123, the private IP address of my home SSH server is 192.168.1.100, my home SSH port is 2222, and the SSH port at my current location is is 22. How would I write out the command?

Every time I try to connect I get a "connection times out" error.

View 9 Replies View Related

Red Hat / Fedora :: SSH To Remote Host (Port 2022) Cannot Login Directly

Mar 7, 2011

Our requirement is not to use the default SSH port, So I have edited /etc/ssh/sshd_config file and changed the default port 22 to 2022, and I have restarted the sshd daemon. Now port 2022 is open in all servers however when I ssh to the remote hosts I cannot login directly. I have to use the below command to connect to the remote server, I don't want to provide SSH port number info while login to remote servers, How to achieve this.
ssh -p 2022 server02

View 1 Replies View Related

Ubuntu Security :: Change The Ssh Remote Port To Smtg Like 61982 Instead Of 22?

May 31, 2011

I wish to install a remote server up, for controling my machine, it would be nice to have something like VNC / Team Viewer and ssh, but I don't trust ssh/vnc/team so mutch after seeing this movie:[URL].. Shoud I change the ssh remote port to smtg like 61982 instead of 22?

View 6 Replies View Related

CentOS 5 Server :: Vsftpd - Takes Long Time To Login From Remote Host

Aug 19, 2009

I've setup vsftpd correctly and it's running fine with local users (in the same LAN). However, when remote users wanna login to the server, it takes more than 1 minute to get in. Users do can login from remote. It just took too long. (It prompted for the username and password very fast.) Since the server is behind a router, I did configure the port forwarding for TCP 20-21. The centos version is 5.3. The vsftpd is v2.0.5.

View 6 Replies View Related

Security :: Disable Remote Login For Particular User?

Feb 25, 2011

I want to disable the remote login for particular user id in linux server.

View 11 Replies View Related

Ubuntu Security :: Recommend A Log File Viewer Like Fwlogwatch That Shows Date, Time, & Port?

Jul 9, 2011

I like the easy readability of fwlogwatch (as compared to the Log File Viewer). But fwlogwatch doesn't display port number or date when I run it in terminal.

Is there a log viewer that displays clean like fwlogwatch but displays all the information that Log File Viewer does?

View 1 Replies View Related

Fedora Security :: Disable Remote Root Login?

Apr 4, 2009

Remote root login is enabled. How do I disable this

View 14 Replies View Related

General :: Warning: Remote Port Forwarding Failed For Listen Port 7869

Jul 20, 2010

I tried to make "ssh tunneling", but failed and got this message.

Quote:

Administrator@windstory-PC /
$ ssh -R 7869:localhost:7869 windowsstudy@192.168.0.4
windowsstudy@192.168.0.4's password:

Warning: remote port forwarding failed for listen port 7869 Last login: Wed Jul 21 01:56:04 2010 from 192.168.0.2 -bash-3.2$

1. system environment

192.168.0.2 - windows 7 + copssh
192.168.0.4 - centos 5.4 x86 + openssh

2. Guide for setting "ssh tunneling"

[URL]

3. Added this to sshd.conf

Quote:

AllowTcpForwarding yes

4. "netstat -na|grep 7869" at 192.168.0.4

Quote:

[root:maestro:~]# netstat -na|grep 7869
tcp 0 0 0.0.0.0:7869 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:7869 127.0.0.1:53539 ESTABLISHED

[code]....

5. result of "ssh -vvv -R 7869:localhost:7869 windowsstudy@192.168.0.4"

Quote:

debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password

[code]....

6. I added 7869 for telnet service as follow;

Quote:

mytelnet 7869/tcp # My Telnet server

View 1 Replies View Related

Ubuntu Networking :: Error - Remote Port Forwarding Failed For Listen Port 5500

Aug 7, 2010

When I use the following command:

ssh user@ssh_server -L 5500:localhost:5500 -p 22

everything works fine. I can log in, and local port forwarding is done. Otherwise when I use the command:

ssh user@ssh_server -R 5500:localhost:5500 -p 22

I get an error "remote port forwarding failed for listen port 5500". However when I try remote port forwarding in WinXP by use of putty there is no problem...

View 2 Replies View Related

Ubuntu :: Can't Login After Attempt At Openafs Install

Sep 6, 2010

I'm running Kubuntu 9.10. In the process of trying to install openafs, I messed w/etc/pam. d/common-auth and /etc/pam.d/common-session. So, now I can't login to my machine. Loging in using the console gives the message module is unknown.I'm unable to log in in recovery-mode: the system freezes at the recovery menu.

View 2 Replies View Related

General :: One Incorrect SSH Login Attempt Locks Out For An Hour?

Mar 23, 2010

I've never observed this problem neither did any of my colleagues trying to SSH into the same system. If I try logging into my server using a wrong username and then press ^C to terminate or exhaust my password attempts, I am locked out for at least an hour. Is there something I can do on my end to fix this problem?

View 1 Replies View Related

Ubuntu Security :: Undesired Access Attempt To Localhost

Jun 29, 2011

While investigating my localhost access logs during an investigation to resolve locking myself out of my own server(!) I noticed this recent access attempt from a proxy referrer. I wouldn't expect this on a local server - currently set to listen on 127.0.01. The request was 403 forbidden, but surely the request should not have even reached this far? Is this an example of an unauthorised access attempt? I don't think it is me because all of my usual access requests are in moz 5 and im logged in to linux currently.

Note please do not click this link as I do not know where it leads ^^^^! (and i dont know how to disable it on this forum)

View 8 Replies View Related

Ubuntu :: Evolution Mail Privacy After Failed Login Attempt?

May 1, 2010

I've searched lot on forums but couldn't find a related post. My problem is I want to hide my mail folders when login attempt in Evolution has failed. I dont use Remember password option so everytime I'm prompted for password.

When I give no password and escape that dialog, I can see all the mails that have been already downloaded form my gmail account. If any of you guys know already existing post, please redirect me to that one.

View 2 Replies View Related

Ubuntu :: Measure Time Needed To Copy A File From One Place To Another?

Apr 24, 2010

I was wondering if you could help me how to measure the time needed for Ubuntu to copy a file from one place to another.

View 2 Replies View Related

Fedora :: 12 - Attempt To Boot Only To A Command Prompt?

Mar 2, 2010

Ive always had luck doing any kind of updates to my system. I let it auto install the security updates lastnight. Today when I rebooted the machine it just hangs. I would like to attempt to boot only to a command prompt so that I can atleast use vi to edit files and fix the system. Do I have to edit grub to do this or is there keys I can press during boot up?

View 5 Replies View Related

Ubuntu Security :: Get A "unlock Default Keyring" Prompt Every Time Login

May 5, 2011

I always get this prompt in Ubuntu and the option to auto login is grayed out so i cant choose it. Its not a serious issue but does anybody know how to unlock it when i sign in on Ubuntu 11.4?

View 4 Replies View Related

Ubuntu Security :: GKSU Terminates After 1 Incorrect Password Attempt

Nov 19, 2010

Just like the title says, if I were to try to run anything through gksu and accidentally put in an incorrect password, instead of the gksu window coming up again, it would just terminate.

Code:
theyain@theyain-laptop:~$ gksu update-manager
GNOME_SUDO_PASSGNOME_SUDO_PASSSorry, try again.
sudo: 3 incorrect password attempts

Whats interesting is that it gives me the sudo error after only one incorrect password attempt.

View 8 Replies View Related

Fedora Hardware :: Several Reboot Needed Before Login Is Seen

Dec 22, 2009

I just recently upgraded my computer from fedora 11 => 12.After moving /home to a separate partition the installation was very simpel.I only had to reconnect my windows system.BUT a strange problem has started to appear.

1) Booting to grub is no problem at all ( I have configured grub to be able to select windows if I want)
2) I always see the grub count down on my screen.
3) then there is a lot of discaccesses but the screen with the fedora symbol is not seen and then my monitor goes to sleep.
4) I usually(always) have to turn my computer off and try again at least three times before the screen with the fedora-sign is seen.
5) If the fedora-sign lights up I have no problem with login and use of the computer.

There seems to be a very unstable situation between grub and XwindowsHas anyone a solution or at least a explanation?

View 7 Replies View Related

Ubuntu Security :: SSH Port Forwarding, Disable Or Edit A Forwarded Port?

Nov 1, 2010

sudo ssh -L 750:192.168.123.103:873 username@192.168.123.103It does exactly what it's supposed to do, but how do i edit / remove this rule?Is there some config file where i can alter the forwarding? How does it get stored?Im using Ubuntu 10.10Server Edition (allthough i recon it would be pretty much the same across all versions

View 5 Replies View Related

Fedora Security :: SELinux Prevents Httpd From Reading Homes - Intrusion Attempt?

Aug 30, 2010

the following security alert made me checking my httpd.conf:

Code:
Summary:

SELinux is preventing the http daemon from reading users' home directories. Detailed Description: SELinux has denied the http daemon access to users' home directories. Someone is attempting to access your home directories via your http daemon. If you have not setup httpd to share home directories, this probably signals an intrusion attempt. Even though in httpd.conf there is a line that reads

Code:
LoadModule userdir_module modules/mod_userdir.so
in the same conf-file the access to home-dirs is disabled:
Code:
<IfModule mod_userdir.c>

[Code]....

View 12 Replies View Related

Ubuntu Security :: Mount.ntfs Ran On Its Own - Normal Or External Hack/break-in Attempt?

Aug 2, 2010

Running Ubuntu 10.04 I noticed my hard disc rumbling for longer than normal and louder. Not doing anything demanding to cause hard disk activity like this so I was suspicious so I checked my process list with 'top' command in the console terminal. At the top was mount.ntfs running. Eventually it stopped running after 20 seconds or so. At the time I have not been accessing NTFS filesystems, but I do have them. I have a dual boot Ubuntu 10.04 and Windows 7. In Ubuntu I've mounted the Windows main C drive and on the same hard disk a partitioned drive for sharing files between the OSs. I know mount.ntfs is a standard program but was it being run on my machine, instigated externally here? Was the running of mount.ntfs an attempt from outside to hack into Ubuntu and the mounted Windows areas of my machine via a backdoor connection or vulnerability? I've restarted my machine since then. Are there any logs I can check for malicious attempts to break in?

View 9 Replies View Related

Security :: Port-bind Shellcodes Work With Port-forwarding?

Apr 27, 2011

I'll explain this in one sentence: Is it possible to program a port-binding shellcode in which people across the Internet can connect to, without being thwarted by the router blocking their data because the port its bound to doesn't allow port-forwarding

View 2 Replies View Related

Ubuntu Security :: Sudo Su. No Password Needed

Mar 22, 2011

why when I type sudo su in a terminal there's no need to enter my password, I just go straight into root

View 5 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved